Policy file for 'aide' and/or 'tripwire'?

Tom Mitchell mitch48 at sbcglobal.net
Tue May 4 00:51:30 UTC 2004


On Tue, May 04, 2004 at 07:27:44AM +1000, Russell Coker wrote:
....
> If there are standard locations for the tripwire database and binaries then 
> let me know and I'll add them to the policy.

The below should be a fair start:

    # rpm -qa | grep trip
    tripwire-2.3.1-17

    ========

    # rpm -q --list tripwire-2.3.1-17
    /etc/cron.daily/tripwire-check
    /etc/tripwire
    /etc/tripwire/twcfg.txt
    /etc/tripwire/twinstall.sh
    /etc/tripwire/twpol.txt
    /usr/sbin/siggen
    /usr/sbin/tripwire
    /usr/sbin/twadmin
    /usr/sbin/twprint
    /usr/share/doc/tripwire-2.3.1
    /usr/share/doc/tripwire-2.3.1/COPYING
    /usr/share/doc/tripwire-2.3.1/ChangeLog
    /usr/share/doc/tripwire-2.3.1/README
    /usr/share/doc/tripwire-2.3.1/README.RPM
    /usr/share/doc/tripwire-2.3.1/Release_Notes
    /usr/share/doc/tripwire-2.3.1/TRADEMARK
    /usr/share/doc/tripwire-2.3.1/policyguide.txt
    /usr/share/doc/tripwire-2.3.1/quickstart.gif
    /usr/share/doc/tripwire-2.3.1/quickstart.txt
    /usr/share/man/man4/twconfig.4.gz
    /usr/share/man/man4/twpolicy.4.gz
    /usr/share/man/man5/twfiles.5.gz
    /usr/share/man/man8/siggen.8.gz
    /usr/share/man/man8/tripwire.8.gz
    /usr/share/man/man8/twadmin.8.gz
    /usr/share/man/man8/twintro.8.gz
    /usr/share/man/man8/twprint.8.gz
    /var/lib/tripwire
    /var/lib/tripwire/report


    ========
    # cat /tmp/trip-stuff edited from "locate tripwire"
    /var/lib/tripwire
    /var/lib/tripwire/report
    /var/lib/tripwire/report/xtl2.xtl.tenegg.com-20040303-172709.twr
    ....
    /var/lib/tripwire/report/xtl2.xtl.tenegg.com-20040502-044143.twr
    /var/lib/tripwire/report
    /var/lib/tripwire/xtl2.xtl.tenegg.com.twd
    /var/lib/tripwire/xtl2.xtl.tenegg.com.twd.bak
    /var/lib/tripwire
    /etc/cron.daily/tripwire-check
    /etc/tripwire
    /etc/tripwire/twinstall.sh
    /etc/tripwire/twcfg.txt
    /etc/tripwire/site.key
    /etc/tripwire/twpol.txt
    /etc/tripwire/tw.cfg
    /etc/tripwire/tw.pol
    /etc/tripwire/tw.cfg.5383.bak
    /etc/tripwire/tw.pol.bak
    /etc/tripwire/xtl2.xtl.tenegg.com-local.key
    /etc/tripwire/tw.cfg.1891.bak
    /etc/tripwire
    /usr/sbin/tripwire


-- 
	T o m  M i t c h e l l 
	/dev/null the ultimate in secure storage.



More information about the fedora-selinux-list mailing list